A joint study conducted by Sonatype and Aspect Security found that many open source components, security libraries and web frameworks contain vulnerabilities, and that many Fortune 500 companies have downloaded and built applications based on these components.

For businesses and other organizations today, open-source software (OSS) is transformative in terms of its ability to allow organizations to write software very quickly and to leverage innovation very aggressively.

Sonatype has extended the use of its Nexus repository manager to .NET developers this month. Now compliant with both Java components and Microsoft platform code blocks, the company hopes to win new appeal among programming shops operating heterogeneous development environments.

The new Nexus Professional 2.0 may sound more like a digital camera than a developer tool, but its basic function is to provide "actionable" information about the open-source components used in any development project.

Sonatype today released a new version of its Maven-based component repository that supports software developers using the .NET Framework. Version 2.0 of Sonatype's Nexus Professional, a widely used repository manager for Java components, adds support for .NET developers who want to store and manage their components in a repository.

Sonatype has released the Nexus Professional 2.0 open-source repository manager. The new iteration now includes more "actionable" information about the open-source components used in any development project.

Sonatype Nexus Professional 2.0 Brings Component Intelligence to Repository Management: Real-Time Security, Licensing and Popularity Feeds Improve Visibility and Control for Component-Based Software Development

The Entrepreneur Center @NVTC announced the 2012 winners of the Entrepreneur Navigator Awards at a reception on Thursday, February 2, at the Tower Club in Tysons Corner, Va. The Navigator Awards recognize individuals and organizations whose commitments of time, experience, intellectual capital and personal effort have improved the quality of the entrepreneur community or have led to the success of a startup or entrepreneur.

The cost of delaying my 2012 predictions is that one has already come to pass. Nginx – the web server now powering all of the redmonk.com properties – passed IIS according to a January 4 Netcraft release. Read more: http://redmonk.com/sogrady/2012/01/13/2012-predictions/#ixzz1jpPTXEkD

It's natural for open source projects to build upon the work done by other open source projects. Sonatype is facilitating the availability of components from Java.net's large open source project base, by bringing Java.net project artifacts into the Central Repository, a leading source for open source Java components.

Sonatype Insight: Data as the Product. There is no shortage of evidence concerning the value of data, generally. From predicting the flu to the outcome of elections (PDF) to the best practices for dating websites, it’s obvious that knowledge really is power. What’s been lacking, at least according to the conventional wisdom, has been proof points of data being a direct source of revenue. Read more: http://redmonk.com/sogrady/2011/11/03/sonatype-insights/#ixzz1d8qkeoUo

Gartner estimates that by 2013, 90 percent of Global 2000 enterprises will include open source software (OSS) as business critical elements of their IT portfolios -- and by 2016, that number will increase to 99 percent. It makes sense that open source use is on the rise. Java developers already know that open source offers unmatched flexibility, the power to control and easily modify code and optimize performance. The bottom line: Using open source components for software development improves an organization's ability to deliver higher quality software faster at lower cost.

Spend enough time in the tech industry, and you'll eventually find yourself in IT hell -- one not unlike the underworld described by Dante in his "Divine Comedy." But here, in the data centers, conference rooms, and cubicles, the IT version of this inferno is no allegory. It is a very real test of every IT pro's sanity and soul.

Sonatype Addresses IT Security Professionals at SANS Security Architecture Conference in Washington: Vice President of Engineering, Brian Fox to Offer Best Practices for Managing Risk and Maximizing Business Value from Open-Source Component Usage in Application Development

The latest print edition of the Washington Business Journal includes a story by tech reporter Bill Flook on the latest plans for Sonatype, a software startup run by Wayne Jackson, a well-known tech entrepreneur in the D.C. region.

Sonatype this week launched a new suite of products and services designed to help companies better manage their usage of open source Java components. Called Sonatype Insight, it leverages the open-source Maven Central Repository, which the company administers, to generate actionable intelligence about open-source-software usage at any stage of the app-dev process.

Sonatype, the main company which drives Maven development, has joined a growing list of companies which aim to help organisations understand and audit their open source software usage, with the announcement of the Sonatype Insight software suite.

Hitting the global software tools marketplace this week is Sonatype Insight, a new suite described as a combination of both "software products and information services" for ensuring the integrity of open-source components in the software supply chain.

It's a scenario with which many Java developers are all too familiar - and one which many fear. You log on to the network or arrive at the office to discover your Chief Security or Compliance Officer, Application Manager or even a VP of Sales and Marketing in a state of panic. A commonly used open source component has a serious security vulnerability that may expose your client-facing applications to attack. Even worse, the flaw was identified a few weeks ago, but your organization has just heard about it.

Gartner estimates that 99% of companies will be using open-source software components in their software packages by 2015, and it is because of this that Mark Driver, research vice president for Gartner, believes enterprise organizations need to understand what risks exist and how to mitigate them.